<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
0D54z000084mAFKCA2Okta Identity EngineAuthenticationAnswered2022-09-13T02:20:01.000Z2022-09-12T01:56:45.000Z2022-09-13T02:20:01.000Z

moth.06818 (Customer) asked a question.

Okta Browser Plugin : Credentials when an exception occurs.

okta browser plugin : Credentials when an exception occurs.

 

We are configuring SWA (With Okta Browser Plugin) on a website that does not support SAML/OIDC.

If an anomaly occurs when the endpoint (Okta Browser Plugin) redirects to the website, are the credentials still stored on the endpoint?

Or are the credentials deleted as if the process was successful?

We are concerned that the credentials will remain stored on the endpoint (Okta Browser Plugin).

Please tell us what happens to the credentials in the Okta Browser Plugin when an exception occurs.

 

I checked the following site and the SSO flow is

Okta -> Browser Plugin -> Web site.

Also, after the redirection to Browser Plugin -> Web site, the credential will be deleted from the endpoint.

 

・Okta Browser Plugin: Security Features

https://help.okta.com/oie/en-us/Content/Topics/Browser-Plugin/security.htm

​​

・Okta Browser Plugin

https://help.okta.com/oie/en-us/Content/Topics/Browser-Plugin/browser-plugin-main.htm


  • Paul S. (Okta, Inc.)

    Hello @moth.06818 (Customer)​ Thank you for reacting out to our Community!

     

    Checking this, Okta will store the SWA encrypted credentials within the running database. Once the browser plugin uses the credentials, they are deleted and are no longer stored or cached.

    If the login flow is stopped for any reason, this information will be flushed from the database.

     

    The Okta Community Catalysts Program is now live. Collect online badges when you participate in the Okta Help Center Questions community. Learn more here.

    Expand Post
  • moth.06818 (Customer)

    @Paul S. (Okta, Inc.)​ 

    Thanks for the reply.

    I understood that the credential is deleted even when an exception occurs.

     

    For reference, could you please let us know if there is any documentation that describes the behavior when an exception occurs?

    Expand Post
This question is closed.
Loading
Okta Browser Plugin : Credentials when an exception occurs.